I had a chance to review the Keycarbon USB Home Mini this week. I’ve been wanting to try one of these to see how they would compare to a PS/2 keyboard logger, PS/2 is still pretty popular as far as cheaper keyboards but the shift in technology is going more towards USB keyboards. I was pretty impressed by the quality of the keylogger and its simple installation.

• Business owners needing to monitor employees
• Parents needing to monitor children
• People who might need backups of things they type (writers etc)
• Private investigators, law enforcement, hackers, James Bond 🙂

Why would someone want a hardware keylogger as opposed to a software based one? Well this question has it’s pros and cons:

The pros are:

• It’s dead simple to install , just unplug the keyboard,plug this device in , and plug the keyboard into the device ,that’s it!
• No need for root/admin level permissions to install
• It can be installed on any system that has a USB port (Windows,Mac,Linux etc)
• Since it’s hardware-based it wont be detected by antivirus/malware programs ever
• It picks up EVERYTHING typed, even bios password passwords and log-ons

The cons are:

• Since it doesn’t interact with the operating system it can’t get the name of windows where the text was typed so it makes it a chore to scan the logs for the juicy information
• Easy to prevent logging by just removing the logger form the computer (which most people won’t be aware of anyhow, who actually crawls behind their computer everyday?)
• Recovery of logs might be more difficult because they are stored physically on the device and not sent to a remote location. But if you were able to install it in the first place , then recovering it shouldn’t that much harder.
• If the person has a PS/2 keyboard you can’t use an adapter because the device needs power from the USB port to work

Recovering the logs from the device can be done on any computer even though they offer the software to recover the logs faster, it’s not needed which makes this device a good tool to have in your arsenal. To recover the logs alls you you need to do is open any text editor (notepad etc…) and type in the password (default password is phxlog) and the device goes into menu mode, where you have a few options to choose
you have open so it’s best to open notepad or wordpad or any *nix/MAC equivalent before typing this. This menu will give you various options for the device ,which are:

1. Partial/Full Log download
2. Erase logs (quick or thorough)
3. Setting the default password (alphanumeric only,under 17 chars)
4. Firmware upgrade
5. Diagnostics
6. Speed (that the logs are typed)

Once you choose read the logs it starts auto typing the logs onto whatever window is open has the main focus (which is why you need to open a text editor).  If you don’t like to wait for it to auto-type (you might have days of saved logs) you can get the software to download it in one swoop. The only problem with the software that as of now it’s only compatible with windows.

Detection of the Device:

Because the device doesnt install into the operating system its pretty much insvisible to the normal user. Only a trained computer expert would notice the device it because the only sign it’s there is that it is seen as a USB hub by the OS. It shows up as a “generic 4 port hub Vid_0451&Pid_2046” Vendor id of 0451 and a product id of 2046, which comes up as a generic Texas instruments device which wont raise many eyebrows. Because it’s a USB 1.1 hub it is possible that it may be discovered if someone plugs a USB 2.0 keyboard inline with it. (They might get a warning message telling them that their device can perform at a higher speed if they use a different port.) But the chances are slim of someone needing to replace their keyboard.

All in all this device is a stable tool to use, it logged with no problems at all with every keyboard/OS i used with it.  Although the price is a little high for most people, it’s well priceless for businesses who need to keep an eye on employees, or a parent who needs to monitor their children’s internet activity. I want to thank Keycarbon for giving me the opportunity to review and test this device. Check out their site for other devices they offer that I didn’t get to review , but are another great alternative to stealth hardware logging.

Normally if a message is received during the passcode entry or while the screen is locked, a generic message of “New Text Message” appears, to prevent viewing of messages without unlocking the phone. However, if you place the IPhone into emergency call mode, any incoming SMS messages are previewed instead of presented as the generic messages.

Need to secure your usb drive? Click Here!

Chrome stores saves passwords in CLEAR TEXT.

1 ] Go to any site that allows you to sign in ex. webmail.pair.com

2 ] Enter your fake username. Enter a false (incorrect) password

3 ] Allow Chrome to save password ( It will prompt below the address bar)

4 ] Close Chrome

5 ] Locate and change directory using the command prompt to the path below

%:\Documents and Settings\%user name%\Local Settings\Application Data\Google\Chrome\User Data\Default\Current Session ( Path might be different in Vista )

6 ] Note that the “Current Session” file needs to be present in your
“\Application Data\Google\Chrome\User Data\Default\” directory

7 ] Type this command in cmd : find “&secret” “Current Session”

8 ] You can see that its stored in clear text.
example:
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\C
hrome\User Data\Default>find “&secret” “Current Session”

---------- CURRENT SESSION
login_username=FakeUser&secretkey=FakePass&x=18&y=8B

Need to secure your usb drive? Click Here!

A free Oracle password cracker written completely in PL/SQL. It is not the intention to replace the fast C based crackers such as woraauthbf but instead to suppliment it and to promote the need to check for weak passwords in customer databases but allow the customer to have a safe and easy method to do it that doesn’t involve downloading binaries, oracle clients, ssl dlls and more.
More info can be found at the author site.
http://www.petefinnigan.com/oracle_password_cracker.htm

This firefox extension simply checks if the URL you’ve just opened contains YouTube’s VerifyAge-page. If it does, it’ll grab the video-ID of the video-clip you just tried to watch and open up a popup-window with that video – WITHOUT having to login / register.
(more…)

As you know AT&T is the only carrier for IPhones (unless its jailbroken). For many people jumping on the IPhone craze do not know that the convenience of listening to your voicemail from your Iphone (or any AT&T phone for that matter) is a huge hole. The AT&T voicemail system is configured by default not to ask for a password when you check your voicemail from the handset (it asks for your voicemail password if you call your number from another phone and press * when your voicemail answers). (more…)

A few days ago during a drunken IRC chat irongeek was talking about how to change some registry settings to make your windows box act like a different OS on the network in order to fool some scanners. He released some autoIT script as a POC. ::HERE:: Now seeing as i hate bloated software i told him i could do the same thing in assembly in 4.5kb. Which i pretty much succeeded in doing but its actually 14kb because i used his same 9kb icon for the exe. Now granted the source code looks crappy because i was just slapping it together in time to show him, so i figure you can download both his and mine and see how they are similar. My version with src code is below

Download OSFuscate

btw i dont wear glasses

ElcomSoft Claims 1 Billion Passwords/Sec Recovery; Uses GPUs in Parallel
Distributes tasks to multiple NVIDIA video accelerators

ElcomSoft has released a new version its Distributed Password Recovery program for recovering system and document passwords at speeds of up to 1 billion passwords per second. (more…)

Does it live up to it’s name? Right now on nVidia 9600GT/C2D 3Ghz CUDA version does 350 M keys/sec, SSE2 version does 108 M keys/sec.

• CUDA version only:nVidia GeForce 8xxx and up, at least 256mb of video memory.
• LATEST nVidia-driver with CUDA support.Standard drivers might be a bit older (as CUDA 2.0 is still beta)
• CPU with SSE2 support (P4, Core2Duo, Athlon64, Sempron64, Phenom).
• Recommended 64-bit OS (WinXP 64 or Vista64). 32-bit version is also available.

(more…)